‘Botnet’ attacks put school computers under hackers’ control

By eSchool News

December 24th, 2008

Cyber criminals are looking for holes in school networks so they can seize control of computers to launch attacks anonymously, experts say–distributing spam, viruses, or "Trojan Horse" assaults while often avoiding prosecution. The problem has grown so pervasive that computer-security experts have taken to referring to these so-called botnet attacks as an "army of darkness"–and education institutions are this army’s targets of opportunity.

Craig Schiller, the chief information security officer at Portland State University who is widely considered a leading authority on "botnets," or collections of computers under a hacker’s control, said school officials’ desire to keep computer networks open to all students and faculty leaves an opening for cyber criminals looking for networks without tight security measures.

"The general environment on a university campus is for open access, which usually means not a whole lot of protection," Schiller said, adding that schools and universities with massive hard-drive space are especially vulnerable, because that trait is desirable to botnet hackers.

Botnets are a growing problem for CIOs worldwide–and even federal authorities have gotten involved. Addressing the problem, Schiller said, starts with alerting school tech chiefs to the prevalence of botnets, which–in some cases–can shut down an entire computer network.

In October, a University of Pennsylvania senior was charged in an ongoing investigation into the use of botnets on college campuses. The botnet attacks caused a Penn server to crash after four days of nonstop traffic.

U.S. District Judge Michael Baylson sentenced Ryan Goldstein, 22, to 90 days in a halfway house, followed by 180 days of house arrest, and ruled that Goldstein could serve his sentence during a leave of absence from school or during the summer. Goldstein also was fined $30,000 and prohibited from using a computer for five years, except for work or school activities.

In February, Goldstein admitted to a single misdemeanor count of aiding and abetting another hacker–Owen Thor Walker, a New Zealand teen known as AKILL–in gaining unauthorized access to a Penn computer server by using a botnet. Walker, 18, was part of a botnet scheme that reportedly infected more than a million computers across the world. He pleaded guilty to that crime in April.

Although there will never be a cure-all for botnets, school IT chiefs can take several steps to protect their networks. At colleges and universities, Schiller says, where large servers are required for an enormous amount of financial and student information, tech chiefs should isolate those servers from the rest of the campus, creating an obstacle for botnets roaming campus networks. Programs that show which computers have been contacted by botnets also can help.

And Schiller further recommends eliminating all generic accounts, which easily can be exploited by hackers looking to create a botnet that eventually could spread to other computers, bogging down campus networks and possibly making computers unusable.